Thunderstorms are epic demonstrations of nature that can be quite fascinating when they aren't terrifying. The study of thunderstorms, in particular lightning, is of obvious practical interest, but also there is also a purely aesthetic and amusing aspect to them. I looked into the literature on lightning recently because lightning radio interference came up during my radio astronomy group meeting. The most visible form of thunderstorm lightning causes beautiful visible sprites and jets when a path of negatively charged ionized air reaches down from the clouds towards the ground where it meets the positively charged ground and following this low resistance channel of ionized air a luminous return stroke occurs, but beyond this visible display a full spectrum of electromagnetic waves may be induced in the ionosphere and magnetosphere. One of the most interesting phenomena are the reverberations around Earth in the radio spectrum called whistlers. With an appropriately tuned receiver and audio amplifier you can detect lightning's Earthly chorus. You can hear and see some of these sounds, including whistlers from lightning on Jupiter, over at professor Don Gurnett's selected sounds of space page. Read on to learn a little more about lightning, whistlers, and watch a video by the Kronos Quartet which incorporates some of these whistler sounds.

All about lightning

Observations of lightning from space show that there are about 2,000 thunderstorms active at any moment covering about 10% of the Earth's surface. Storms are not evenly distributed temporarily or spatially over the Earth; two out of three of lightning flashes occur over tropical regions and the peak of thunderstorm activity occurs through June to August. The simplest model of a thunderstorm is a vertically extended tripolar structure (though thunderstorms sometimes may involve up to six charge layers in the vertical direction) wherein there is a negative charge in the middle and positive charge at the upper and lower levels of the clouds. Thunderstorms produce various kinds of lightning strikes such as, cloud-to-cloud, cloud-to-ground and cloud-to-ionosphere electrical discharges. The common cloud-to-ground strike produces visible lightning that is the most familiar and transfers negative charges back to Earth. The intra-cloud process is a similar discharge between dipoles in a thunderstorm structure. Lightning can also create exotic processes like a Terrestrial Gama-ray Flashes which are most likely the result of bremsstrahlung radiation from relativistic electron beams generated in runaway lightning discharge processes. A bolt of lightning radiates an electromagnetic pulse with up 20 GW of peak power for 1 ms to 1 s in duration. This electromagnetic power jolt heats the partially ionized upper atmosphere with fields of up to 1 kV/m which may accelerate electrons to these relativistic energies.

Lightning plays an important role in the dynamics of Earth's atmosphere. Lightning can be viewed as the equalizer of electrons in the atmosphere just as rainfall is the equalizer of water in the atmosphere. The classic analogy of the flow of electrons to flow of water is appropriate in this situation because as thunderstorms return water to the Earth's surface they also return charge from the atmosphere to Earth's surface. The water which falls as precipitation during storms is equal to the water evaporated on other parts of the Earth such that the total flow of water onto the Earth's surface and into the Earth's atmosphere is roughly equal. Similarly, there is a fair weather current of 1,000 A (1 pA/m2) which flows from the ionosphere to the Earth's surface over the 90% of the Earth which at any given moment has clear weather; over the other 10% of the Earth covered by thunderstorms there is a roughly equal but opposite current. This current flow sustains a dynamic equilibrium because the global circuit is sensitive to the instantaneous number of storms, for example at 1800 UT there is a maximum global current and a minimum at 0300 UT. More technically the flow of charge is formulated in terms of the Maxwell current density JM = JE + JC + JL + dD/dt which has contributions from the direct charge transfer terms: JE is the field dependent current, JC is the convection current generated by mechanical transport of charge (rain, air motion, etc.), JL is the impulsive and discontinuous lightning current. The final term is dD/dt is displacement current necessary to take into account time varying electric fields such as the building of charged thunderstorm clouds. The result of the various current flows is an active atmosphere that allows for copious amounts of lightning.

Whistlers

Whistlers are electromagnetic waves generated by lightning in the frequency range 3 to 30 kHz which propagate globally along geomagnetic field lines without appreciable attenuation. They begin as a sharp pulse of radiation lasting a few milliseconds which is stretched out by the magnetosphere as the higher frequencies travel faster than the lower frequencies. There global nature allows one to use a radio antenna and an audio amplifier (since they occur in what would be the audible range were they sound waves) to study the dynamics of world wide lightning activity. Whistlers (and many other frequencies emitted by lightning in the range from a few Hz to several MHz) may reverberate around Earth several times because they are guided thorough the Earth-ionosphere waveguide like waves down a narrow water trough. If the wave has the right frequency it can propagate several times around the globe before being dissipated like water settling after bouncing back and forth from the end of a trough a few times. The image at right shows how a magnetic field line about the Earth is configured and how the electromagnetic wave propagates along that field line. The larger image above shows a whistler spectrogram which is the dynamic spectrum in the frequency-time domain of a whistler event (both images from professor Gurnett). From the spectrogram various patterns of spectra may be characterized as different signals from hiss to chorus; the characteristic modulation and stretching of the frequencies is a telltale sign of a periodic phenomena which is undergoing dispersion. Whistlers are not only a great demonstration of universal physics (there are Jovian whistlers too!), but an opportunity to get creative with nature. Samples of some of professor Gurnett's sounds have been used by the Kronos Quartet to create a unique performance:

The Large Hadron Collider continues to set records for the highest particle energies ever reached (in controlled form on earth that is). Yesterday the LHC ramped up to a new high energy of 3.5 TeV. The best part about the LHC is that you can monitor the machine by looking at data directly streamed real time over at LHC Page 1. The page looks something like that seen below and a key to make sense of it can be found here, here, or down below.

1. This is the energy of beams. 1 TeV=1000 GeV. The LHC set the energy world’s record of 3.48 TeV per beam, today, 19 March 2010.

2. Intensity of, respectively, B1 (blue) and B2 (red).

3. The information in these boxes can vary. Operators display the graphs that are relevant to the specific operation.

4. Most of the flags are set automatically. They provide a quick summary of the machine status. In order to have collisions the ‘Stable Beams’ flag must be set to green.

5. Here operators write down their messages to the experiments. Often, they write the ongoing activity, followed by the plan for the coming hours.

6. Machine Mode, indicating what the machine is currently doing. Operators can choose among several modes of operation, such as: circulate and dump, inject and dump, cycling, injection of physics beam, injection probe beam, prepare ramp, ramp, stable beams, etc.

7. Progressive number used for archiving purposes.

It has been a rough road to get here; I documented the construction and catastrophic problems the machine had in this previous post on the LHC here.

The cosmological principle states the universe is homogeneous and isotropic when viewed on large enough scales. It is the ultimate extension of the Copernican Principle which asserts that the Earth is not in any special place in the universe. Mathematically this statement reduces to the Friedmann-Lemaître-Robertson-Walker metric solution to the Einstein field equations. In our expanding universe with scale factor a, as a function of time t, with the constant k representing the curvature of space (we have measured it and it is about zero), the angles θ and φ being the normal azimuthal and polar angles in spherical coordinates, and r being the radius, the metric solution to your universe is:

It is a beautiful thing that each observer is in a unique position to be at the center of their own observed universe because the expansion of the universe results in a coherent Hubble flow away from your point of reference in every direction. Thus one may entertain the notion that you are at the center of the universe. However, an external observer would also perceive that they are at the center of the universe. Thus, while observationally everyone is at the center of their own personal expanding universe, we logically conclude that this is merely an observational illusion of isotropic and homogeneous expansion. By carefully examining anisotropies in the cosmic microwave background or measuring the redshift of galaxies in different directions over time we can determine if the Copernican Principle is valid.

You may be aware that Google recently threatened to cease operations in China. They publicly spun the decision as a response to censorship laws, but the cold hard truth is that Google's new approach to China resulted from “a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property". I have seen a spat of computer security related articles recently and I have been thinking about technology and security. This topic is a little bit off my regular focus, but I found that as I looked deeper there were disturbing trends and tons of information available.

Corporate cyber espionage is rampant and current security systems are woefully unprepared to deal with involved studied attacks. Governments around the world are setting up cyber defenses and military attacks are rumored to exist, but if they are most are classified. Finally, most attacks whether military, corporate or personal begin with social engineering and are targeted such that common defenses (firewalls, anti-virus, anti-malware, etc.) do practically nothing resulting in a state of misplaced paranoia.

China Attacks Google & Others

There is a lot of speculation about the details of the attacks. The only thing that is known for certain is that in December anonymous attackers targeted the source-code repositories of at least 30 American companies (though some investigations report that over 100 companies may have been targeted) and critically compromised at least some of their targets. Another high profile company that was a victim of the attacks was Intel though they have not revealed how much or what was stolen. To get an idea of the gravity of the situation last week when the CEO of Intel Paul Otellini was interviewed by Charlie Rose when asked by Rose, "What is the next big idea you think in technology in terms of the internet and in terms of processing information?", Otellini replied, "I think recent events have given us all a wake up call on security. I think we need to do a much better job of protecting people's privacy corporate assets, government assets... this is everything from credit card fraud, to phishing, to state sponsored cyber attacks... all of that suggests we need to do a hardening of our systems... ". Now, keep in mind they were not talking about security when Rose asked this. Otellini recommends that breaking passwords should become so hard that it needs a massive amount of computing power to be done. The interview is an excellent review of the current situation of technology. I highly recommend the Charlie Rose Paul Otellini interview.

The National Security Agency and others have been working to determine the origin of the attacks which are now being called the Aurora attacks. You know if the NSA is on the case this is serious. I suspect that the recent media spotlight on international hacker warfare is only scratching at the surface of an ongoing cold cyber war, a cold war 2.0 of sorts. Various sources have found links to two Chinese schools with close ties to the Chinese military to the Aurora attacks. However, because the Chinese government encourages volunteer “patriotic hackers” to run espionage it is possible that the source of the attacks was not officially sanctioned, but rather zealous computer nerds. There is also the possibility that the attacks came from China, but not from Chinese citizens; no matter how well you trace digital fingerprints unless you have the web cam on the other end turned on it is impossible to tell who is actually at the terminal. At best you can trace the route back to a location. A United States military contractor that faced the same attacks as Google has pointed to a specific computer science class at the Lanxiang Vocational School. The other school fingered by investigations is the Shanghai Jiaotong University. The Chinese approach to online espionage is distributed which will make definite proof of the origin of an attack almost impossible.

Short Circuit on Demand

Consumers often joke that manufactures build products only long enough to last until when next generation of the product is available. What if manufactures could simply turn off your electronics from a distance at their command? They already can. Windows will stop working eventually if you don't register your version of the software and your car's engine can be stopped by OnStar. These situations are benevolent. The real threat is malicious Trojan horses hidden in computer chips that control our nations financial systems, communications networks, power grids, and military defenses. The scenario postulated is that a foreign nation supplying the microchips to another nation may include an undetectable back-door in those microchips. This New York Times article, Old Trick Threatens the Newest Weapons, indicates that this kind of digital warfare has already occurred

A Trojan horse kill switch may already have been used. A 2007 Israeli Air Force attack on a suspected partly constructed Syrian nuclear reactor led to speculation about why the Syrian air defense system did not respond to the Israeli aircraft. Accounts of the event initially indicated that sophisticated jamming technology was used to blind the radars. Last December, however, a report in an American technical publication, IEEE Spectrum, cited a European industry source in raising the possibility that the Israelis might have used a built-in kill switch to shut down the radars.
Separately, an American semiconductor industry executive said in an interview that he had direct knowledge of the operation and that the technology for disabling the radars was supplied by Americans to the Israeli electronic intelligence agency, Unit 8200.
The disabling technology was given informally but with the knowledge of the American government, said the executive, who spoke on the condition of anonymity. His claim could not be independently verified, and American military, intelligence and contractors with classified clearance declined to discuss the attack.
The United States has used a variety of Trojan horses, according to various sources.
In 2004, Thomas C. Reed, an Air Force secretary in the Reagan administration, wrote that the United States had successfully inserted a software Trojan horse into computing equipment that the Soviet Union had bought from Canadian suppliers. Used to control a Trans-Siberian gas pipeline, the doctored software failed, leading to a spectacular explosion in 1982.

These past events show that any sophisticated computer system that is not built entirely on home soil can never be completely trusted. This problem is essentially one of globalization. In the case of military defenses a country must remain self-sufficient; that is it must be an autarky. However, autarky is not viable in most realms, but can be pursed with great economic cost to those countries which have sufficient resources to develop their own arms from scratch. In the case of the United States the Pentagon now securely manufactures about 2 percent of the integrated circuits which the military buys annually (Intel also does a lot of manufacturing work in the United States, see the Otellini interview). The push to have a completely organic source of microprocessor seems to be economically prohibitive. Some say that the computer security industry plays up the fears of catastrophe and deliberate sabotage, rather, the larger threat is design and programming errors in hardware or software. The severity of this problem is open for debate and I am not enough of an expert on it to weigh in too heavily. I wont don't delve into science fiction paranoia about it, but I do think it is a risk. You can read more on this topic at IEEE Spectrum in the report The Hunt for the Kill Switch.

Testing the Electric Fences

In Jurassic park the seasoned park ranger demands that the velociraptors be killed as they're far too intelligent. They are testing the electric fence for weaknesses, but never the same spot twice, because as he says, "They remember". They escape as soon as the power is cut and claw their way out; they have been waiting. Finally, despite that the ranger knows the danger, as he's stalking one velociraptor, another ambushes him from the side. His famous last words:

Analysts have found that the Aurora attacks were actually an entire campaign of observation and intrusion. The ISEC Partners report details the infiltration program of the Aurora malware suite and the pattern it followed:

Despite the diversity of victims in these attacks, we have seen a common pattern in the attacks, which generally proceed like this:
1. The attacker socially engineers a victim, often in an overseas office, to visit a malicious website.
2. This website uses a browser vulnerability to load custom malware on the initial victim’s machine.
3. The malware calls out to a control server, likely identified by a dynamic DNS address.
4. The attacker escalates his privilege on the corporate Windows network, using cached or local administrator credentials.
5. The attacker attempts to access an Active Directory server to obtain the password database, which can be cracked onsite or offsite.
6. The attacker uses cracked credentials to obtain VPN access, or creates a fake user in the VPN access server.
7. At this point, the attack varies based upon the victim. The attacker may steal administrator credentials to access production systems, obtain source code from a source repository, access data hosted at the victim, or explore Intranet sites for valuable intellectual property.

In the report they outline recommendations for all organizations or companies even if they have not been contacted or found evidence of an Aurora infection. The ISEC team lists off steps that companies need to take to defend themselves, but troublesomely states:

The most interesting aspect of this incident is that a number of small to medium sized companies now join the ranks of major defense contractors, utilities and major software vendors as potential victims of extremely advanced attackers. This is concerning for many reasons, not the least of which is that even most Fortune-500 companies will not be able to assemble security teams with the diversity of skills necessary to respond to this type of incident.

Security Clearance Required

Mike McConnell, the former Director of National Intelligence, said to the US Senate Commerce, Science, and Transportation Committee yesterday that if the US got involved in a cyber war at this moment, they would surely lose. "We're the most vulnerable. We're the most connected. We have the most to lose," he stated.

It is not at if we aren't trying to prepare, in fact the United States is much better prepared than most countries, but we are also a primary target. Given the rumble of talk about cyberwar and such programs as the United States Cyber Command the only thing that is clear is that the United States is keeping its cards close.

We all know the threat is there, but are we watching the flank? Every computer network is guarded with a password, albeit probably a poor password, in order to keep out those who shouldn't access to specific systems. Is it velociraptorparanoia to password everything? No, in fact I would argue more secure steps should be taken even for average users like restriction of remote logins, biometric scans (I already use one for my laptop), and security key fobs (even video games, like World of Warcraft now have authenticators!) that must be present for login. There is a rumble of talk about dark nets, foreign cyber attacks, corporate espionage, and an entire business sector for malware which lead me to believe there is an incredibly serious danger at hand. Perhaps there is a cold cyber war going on right now. In a globalized world I don't see how much of a benefit it would be to destroy another nation that you trade with or that is in debt to you (if you could hack into the banking system, would you destroy the banks, steal all the money at once, or just take enough?). Like the cold war, a cyber war would have the threat of mutually assured destruction. Yet, this will not abate the fears that all our electronics have Trojan back-doors (the ultimate outflanking maneuver) yielding all resistance (and passwords) futile.

The McCarthyism of McAfee

There is one catch to all this fear mongering which I would call the McCarthyism of McAfee. You see many anti-virus programs are detected as viruses by other anti-virus programs. These programs take up system resources and don't protect users from their own worst enemy (themselves). On my old desktop I did some monitoring and determined that my anti-virus software is actually about the 15th greatest system resource hog in terms of CPU and RAM utilization on average and I don't even have it turned on to actively scan. The is not much of a threat on your home computer if your a tech savvy user. The threat is from social engineering and on the business network you log into.

I am wondering for each press release how many undetected probing attacks are made? Or for each missile the air force launches how many digital attacks does it make? You can bet it is a lot, but I wouldn't lose sleep over it because history shows us that doomsday is less likely than government control schemes.